Category tcpdump

TCPdump

#Filter Optionen
tcpdump -i eth0 port not 22 and not host 172.16.190.1
tcpdump -i seth0 host 149.249.32.105
tcpdump -vvv -nn -X -i eth4 port not 22
tcpdump -nn -i eth1 port not 22 and not port 443 and not host 172.17.190.1 and not host 10.123.64.1 and not arp
tcpdump -nnvvXSs 1514 -i eth0.666 port not 22 and not port 443 and not host 172.17.190.1 and not host 10.123.64.1 and not arp and port 80 = Packet Inhalt ansehn auf Port 80
tcpdump -lenx -i eth0 -s 1500 port bootps or port bootpc = DHCP Packet dumpen
tcpdump -s 0 -v -w CAPTURE_DATA.pcap = Packet einfagen und in Filk schreiben (Binär)
	tcpdump -ttttnnr CAPTURE_DATA.pcap = File lesbar machen. Connection Info
	tcpdump -qns 0 -A -r CAPTURE_DATA...
Read More